Right this moment, we’re asserting managed daemon assist for Amazon Elastic Container Service (Amazon ECS) Managed Situations. This new functionality extends the managed situations expertise we launched in September 2025, by giving platform engineers impartial management over software program brokers corresponding to monitoring, logging, and tracing instruments, with out requiring coordination with software growth groups, whereas additionally enhancing reliability by guaranteeing each occasion constantly runs required daemons and enabling complete host-level monitoring.
When working containerized workloads at scale, platform engineers handle a variety of obligations, from scaling and patching infrastructure to holding functions working reliably and sustaining the operational brokers that assist these functions. Till now, many of those considerations had been tightly coupled. Updating a monitoring agent meant coordinating with software groups, modifying job definitions, and redeploying whole functions, a big operational burden whenever you’re managing a whole lot or hundreds of companies.
Decoupled lifecycle administration for daemons
Amazon ECS now introduces a devoted managed daemons assemble that permits platform groups to centrally handle operational tooling. This separation of considerations permits platform engineers to independently deploy and replace monitoring, logging, and tracing brokers to infrastructure, whereas implementing constant use of required instruments throughout all situations, with out requiring software groups to redeploy their companies. Daemons are assured to start out earlier than software duties and drain final, guaranteeing that logging, tracing, and monitoring are all the time out there when your software wants them.
Platform engineers can deploy managed daemons throughout a number of capability suppliers, or goal particular capability suppliers, giving them flexibility in how they roll out brokers throughout their infrastructure. Useful resource administration can be centralized, permitting groups to outline daemon CPU and reminiscence parameters individually from software configurations without having to rebuild AMIs or replace job definitions, whereas optimizing useful resource utilization since every occasion runs precisely one daemon copy shared throughout a number of software duties.
Let’s attempt it out
To take ECS Managed Daemons for a spin, I made a decision to start out with the Amazon CloudWatch Agent as my first managed daemon. I had beforehand arrange an Amazon ECS cluster with a Managed Occasion capability supplier utilizing the documentation.
From the Amazon Elastic Container Service console, I seen a brand new Daemon job definitions choice within the navigation pane, the place I can outline my managed daemons.
I selected Create new daemon job definition to get began. For this instance, I configured the CloudWatch Agent with 1 vCPU and 0.5 GB of reminiscence. Within the Daemon job definition household area, I entered a reputation I’d acknowledge later.
For the Process execution position, I chosen ecsTaskExecutionRole from the dropdown. Beneath the Container part, I gave my container a descriptive title and pasted within the picture URI: public.ecr.aws/cloudwatch-agent/cloudwatch-agent:newest together with a couple of further particulars.
After reviewing every part, I selected Create.
As soon as my daemon job definition was created, I navigated to the Clusters web page, chosen my beforehand created cluster and located the brand new Daemons tab.
Right here I can merely click on the Create daemon button and full the shape to configure my daemon.
Beneath Daemon configuration, I chosen my newly created daemon job definition household after which assigned my daemon a reputation. For Atmosphere configuration, I chosen the ECS Managed Situations capability supplier I had arrange earlier. After confirming my settings, I selected Create.
Now ECS mechanically ensures the daemon job launches first on each provisioned ECS managed occasion in my chosen capability supplier. To see this in motion, I deployed a pattern nginx net service as a check workload. As soon as my workload was deployed, I might see within the console that ECS Managed Daemons had mechanically deployed the CloudWatch Agent daemon alongside my software, with no guide intervention required.
After I later up to date my daemon, ECS dealt with the rolling deployment mechanically by provisioning new situations with the up to date daemon, beginning the daemon first, then migrating software duties to the brand new situations earlier than terminating the outdated ones. This “start before stop” strategy ensures steady daemon protection: your logging, monitoring, and tracing brokers stay operational all through the replace with no gaps in information assortment. The drain share I configured managed the tempo of this substitute, giving me full management over addon updates with none software downtime.
The way it works
The managed daemon expertise introduces a brand new daemon job definition that’s separate from job definitions, with its personal parameters and validation scheme. A brand new daemon_bridge community mode allows daemons to speak with software duties whereas remaining remoted from software networking configurations.
Managed daemons assist superior host-level entry capabilities which might be important for operational tooling. Platform engineers can configure daemon duties as privileged containers, add further Linux capabilities, and mount paths from the underlying host filesystem. These capabilities are significantly priceless for monitoring and safety brokers that require deep visibility into host-level metrics, processes, and system calls.
When a daemon is deployed, ECS launches precisely one daemon course of per container occasion earlier than putting software duties. This ensures that operational tooling is in place earlier than your software begins receiving visitors. ECS additionally helps rolling deployments with automated rollbacks, so you possibly can replace brokers with confidence.
Now out there
Managed daemon assist for Amazon ECS Managed Situations is accessible at present in all AWS Areas. To get began, go to the Amazon ECS console or assessment the Amazon ECS documentation. You can even discover the brand new managed daemons Software Programming Interface (APIs) by visiting this web site.
There isn’t a further value to make use of managed daemons. You pay just for the usual compute assets consumed by your daemon duties.
